3024 matches found
CVE-2011-3458
QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted MP4 file...
CVE-2011-3460
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PNG file...
CVE-2011-3459
Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted rdrf atom in a movie file that triggers a buffer overflow...
CVE-2011-3459
Apple QuickTime on macOS X before 10.7.3 contains an off-by-one buffer overflow in handling of rdrf atoms within movie files, enabling remote code execution or denial of service. Exploitation requires a crafted file; user interaction may be needed. Apple released fixes in OS X Lion 10.7.3 (and re...
CVE-2011-3460
Apple QuickTime on Mac OS X before 10.7.3 contains a buffer overflow in PNG image decoding within the MediaVideo handling, allowing remote code execution or application crash when processing a crafted PNG file. This is the vulnerability identified as CVE-2011-3460. Public records corroborate a PN...
CVE-2011-3458
CVE-2011-3458 affects Apple QuickTime on macOS (OS X) prior to 10.7.3. The flaw is an uninitialized memory access during parsing of certain MP4 headers, allowing remote attackers to execute arbitrary code or cause an application crash via a crafted MP4 file. The impact is demonstrated as remote c...
Apple Ships Huge Set of Patches for OS X
Apple has released a massive set of patches for a wide range of security vulnerabilities in a number of its products and components, including OSX Lion and QuickTime. The patches, which are rolled up in OS X 10.7.3, fix a slew of serious bugs, many of which can be used to execute remote code on...
Mac OS X Multiple Vulnerabilities (Security Update 2012-001) (BEAST)
The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-001 applied. This update contains multiple security-related fixes for the following components : - Apache - ATS - ColorSync - CoreAudio - CoreMedia - CoreText - curl - Data Security - dovecot - filecmds ...
Mac OS X 10.7.x < 10.7.3 Multiple Vulnerabilities (BEAST)
The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.3. The newer version contains multiple security-related fixes for the following components : - Address Book - Apache - ATS - CFNetwork - CoreMedia - CoreText - CoreUI - curl - Data Security - dovecot - filecmds - ImageI...
ZDI-12-004 : Apple Quicktime JPEG2000 COD Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-004 : Apple Quicktime JPEG2000 COD Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-004 January 5, 2012 - -- CVE ID: CVE-2011-3250 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Apple - -...
ZDI-12-005 : Apple Quicktime RLE BGRA Decoding Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-005 : Apple Quicktime RLE BGRA Decoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-005 January 5, 2012 - -- CVE ID: CVE-2011-3248 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Appl...
Apple Quicktime RLE BGRA Decoding Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...
ZDI-11-340 : Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-340 : Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-340 December 7, 2011 - -- CVE ID: CVE-2011-3248 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...
Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...
Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)
The host is installed with Apple QuickTime and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbapplequicktimemultdosvulnwinnov11.nasl 7015 2017-08-28 11:51:24Z teissa $ Apple QuickTime Multiple Denial of Service Vulnerabilities - Windows Authors: Madhuri ...
Apple QuickTime Multiple Denial of Service Vulnerabilities - Windows
Apple QuickTime is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apple QuickTime information disclosure vulnerability-vulnerability warning-the black bar safety net
Release date: 2011-10-28 Update date: 2011-10-28 Affected system: Apple QuickTime Player 7. x Not affected system: Apple QuickTime Player 7.7.1 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 5 0 1 3 0 CVE ID: CVE-2 0 1 1-3 2 2 0 QuickTime...
Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow (CVE-2011-0257)
A remote code execution vulnerability has been reported in Apple QuickTime media player. The vulnerability is due to improper boundary check that leads to a buffer overflow. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PICT file using a...
ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability
ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-311 October 27, 2011 -- CVE ID: CVE-2011-3220 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...
ZDI-11-312 : Apple QuickTime Atom Hierarachy Argument Size Mismatch Remote Code Execution Vulnerability
ZDI-11-312 : Apple QuickTime Atom Hierarachy Argument Size Mismatch Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-312 October 27, 2011 -- CVE ID: CVE-2011-3221 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple...